With data available at an unprecedented scale, Big Data & Analytics allow insurers to strengthen risk prevention, develop more personalised products, and cover previously excluded risks. For instance, diabetes patients may benefit from customized health coverage due to the availability of behavioural data, or homeowners may enjoy insurance against natural disasters at more affordable prices thanks to the processing of data from new sources.
This growing use of data poses new challenges related to the provisions of the EU General Data Protection Regulation (GDPR), taking effect on 25 May 2018. The regulation will provide data processors with a rulebook to harmonise personal data handling practices while granting more control of data back in the hands of European citizens. The regulation, however, might curb the value for consumers stemming from Big Data.
On top of managing existing operational risks amplified by the GDPR, Chief Risk Officers (CROs) will be key in guiding insurance companies in the transition to the new provisions and promoting the benefits of a responsible use of Big Data within a strong risk management culture. This paper provides CROs and senior managers with discussion points and management practices to tackle the challenges set by the GDPR.